Who is Participating?

That JavaScript is an awful piece of code. I hope it is merely the constraints of that pseudo language. Here is what we use. The argument is a 19 character string representing the credit card number, right justified:

This is production code, running in thousands of sites throughout North America.
It may be that I have not explained the parameter in enough detail.

In fact, I would expect it to fail if there are embedded spaces in the number (notice that it stops processing when it encounters a blank). If the number is shorter than 19 characters, it should have leading blanks.

I'm not clear on why you are quoting the length as being a problem in case 2 and 3, there is no specific reference to length in the algorithm or the code. It simply processes digits, right to left, until it encounters a blank.

If you could provide a specific failure case, perhaps we could discuss it in detail.

I hate to be critical but if this is production code, I think it's a miracle it works at all.

For example consider:

for(i=18; i>=0; --i)
{ if(ccn[i]!=' ')

What happens if ccn is < 18 chars long?

See my point? Any old garbage in the string after the terminating NULL will be considered. In my case, I fed it a 16 digit CCN of the form:

1234123412341234

Well ccn[18] comes 3 chars to the _right_ of the last "4". I don't know what's in the space after the 4. It might be 0 or it might be junk...

Now perhaps in the context of the application where you're running this code, you are massaging the CCN BEFORE it gets to this function. In that case, things might be better but it's dangerous code as posted.

You're correct in that in our code the parameter is guaranteed to be 19 characters before it gets to the function. You'll note that I originally specified that the parameter is a 19 character string. If one would want to be more general than that, you could provide one level of generality up by providing a sprintf in it, along the lines of: